Work on the Internet, especially with a high connection speed, requires observance of certain security measures. In particular, it is necessary to monitor traffic and not to allow uncontrollable network activity of the computer.
1. At connection of the computer to network in a system tray there is a connection icon in the form of two computers connected among themselves. If you have no such icon, open property of network connection: "Start-up – the Control panel – Network connections". Select your connection, click it the right mouse button and note a birdie the At Connection to Display an Icon in Notification Area point.
2. The connection icon in a tray allows to control visually information exchange with the Internet. If you open nothing and do not download, you did not start update of the operating system or antivirus software, but the computer continues active interaction with network, it is necessary to understand the reasons of it urgently. It is quite possible that your computer is infected with the Trojan program or it was cracked, and now from your IP address illegal acts are commited.
3. Try to understand what application is used by traffic. If you started the browser, close it and assess a situation on a connection icon in a tray. If it continues to show activity, in turn close all started programs.
4. If all applications are closed, but the computer continues to communicate with network, open the command line: "Start-up – All programs – Standard – the Command line" also assess the current situation with the help of the netstat command – aon. Enter it into the command line, click Enter, you receive the list of the current network connections. The current status of connection is reflected in the graph "Status" – there is it at the moment, is already finished or the program which opened port is in wait state.
5. Pay attention to the established connections, they are designated as ESTABLISHED. In the last column – PID – are specified so-called identifiers of processes. Define what program possesses the specific identifier, will help you the tasklist command. Enter it into already open window of the command line, click Enter. You receive the list of the started processes, at the same time near a name of processes there will be also their identifiers. Having compared PID from the first table with identifiers of the second, you will be able to understand to what processes they belong.
6. The following step is in in turn to close active processes and to look at activity of connection. You can close processes in two ways – in the Task manager (Ctrl + Alt + Del) or in the command line. In the first case open the Task manager, click "A view – to Select columns". Note a birdie the Process identifier point. Now you will see identifiers (PID) near names of processes.
7. Select one of active network processes in a window of the command line, find it in the Task manager. Click the right mouse button, select the Complete Process item. After that look whether the network activity stopped. If is not present, close the second active network process, etc. You can close them and directly from the command line, having executed: taskkill/pid 1234 where instead of 1234 substitute PID of process which is required to be completed.
8. Sometimes the computer does not work with network too actively, but all the same uncontrollable exchanges some packages. To find out to what IP addresses it connects, use the BWmeter program. It allows to browse and write all necessary information on the established connections in the log.